Browser Lite
by Yandex
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-8508 | Med | 0.42 | 6.5 | 0.02 | Mar 1, 2017 | Yandex Browser for desktop before 17.1.1.227 does not show Protect (similar to Safebrowsing in Chromium) warnings in web-sites with special content-type, which could be used by remote attacker for prevention Protect warning on own malicious web-site. | ||
| CVE-2023-26226 | 0.00 | — | 0.00 | May 30, 2025 | A use after free memory corruption issue exists in Yandex Browser for Desktop prior to version 24.4.0.682 | |||
| CVE-2021-25262 | 0.00 | — | 0.00 | May 21, 2025 | Yandex Browser for Android prior to version 21.3.0 allows remote attackers to perform IDN homograph attack. | |||
| CVE-2021-25255 | 0.00 | — | 0.01 | May 21, 2025 | Yandex Browser Lite for Android prior to version 21.1.0 allows remote attackers to cause a denial of service. | |||
| CVE-2021-25254 | 0.00 | — | 0.00 | May 21, 2025 | Yandex Browser Lite for Android before 21.1.0 allows remote attackers to spoof the address bar. | |||
| CVE-2024-6473 | 0.00 | — | 0.01 | Sep 3, 2024 | Yandex Browser for Desktop before 24.7.1.380 has a DLL Hijacking Vulnerability because an untrusted search path is used. | |||
| CVE-2021-25261 | 0.00 | — | 0.00 | Jun 15, 2022 | Local privilege vulnerability in Yandex Browser for Windows prior to 22.5.0.862 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex Browser update process. |
- risk 0.42cvss 6.5epss 0.02
Yandex Browser for desktop before 17.1.1.227 does not show Protect (similar to Safebrowsing in Chromium) warnings in web-sites with special content-type, which could be used by remote attacker for prevention Protect warning on own malicious web-site.
- CVE-2023-26226May 30, 2025risk 0.00cvss —epss 0.00
A use after free memory corruption issue exists in Yandex Browser for Desktop prior to version 24.4.0.682
- CVE-2021-25262May 21, 2025risk 0.00cvss —epss 0.00
Yandex Browser for Android prior to version 21.3.0 allows remote attackers to perform IDN homograph attack.
- CVE-2021-25255May 21, 2025risk 0.00cvss —epss 0.01
Yandex Browser Lite for Android prior to version 21.1.0 allows remote attackers to cause a denial of service.
- CVE-2021-25254May 21, 2025risk 0.00cvss —epss 0.00
Yandex Browser Lite for Android before 21.1.0 allows remote attackers to spoof the address bar.
- CVE-2024-6473Sep 3, 2024risk 0.00cvss —epss 0.01
Yandex Browser for Desktop before 24.7.1.380 has a DLL Hijacking Vulnerability because an untrusted search path is used.
- CVE-2021-25261Jun 15, 2022risk 0.00cvss —epss 0.00
Local privilege vulnerability in Yandex Browser for Windows prior to 22.5.0.862 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex Browser update process.